AP-5131 Access Point Product Reference Guide
5-18
4. Click Apply to save any changes to the WAN screen. Navigating away from the screen
without clicking the Apply button results in all changes to the screen being lost.
5. Click Undo Changes (if necessary) to undo any changes made. Undo Changes reverts the
settings displayed on the WAN screen to the last saved configuration.
6. Click Logout to securely exit the AP-5131 Symbol Access Point applet. A prompt displays
confirming the logout before the applet is closed.
Keep-Alive Select the Keep-Alive checkbox to maintain the AP-5131 WAN
connection indefinitely (no timeout interval). Some ISPs terminate
inactive connections. Enabling Keep-Alive keeps the AP-5131
WAN connection active, even when there is no traffic. If the ISP
drops the connection after an idle period, the AP-5131
automatically re-establishes the connection to the ISP. Enabling
Keep-Alive mode disables (grays out) the Idle Time field.
Idle Time (seconds) Specify an idle time in seconds to limit how long the AP-5131’s
WAN connection remains active after outbound and inbound traffic
is not detected. The Idle Time field is grayed out if Keep-Alive is
enabled.
Authentication Type Use the Authentication Type menu to specify the authentication
protocol(s) for the WAN connection. Choices include None, PAP or
CHAP, PAP, or CHAP.
Password Authentication Protocol (PAP) and Challenge Handshake
Authentication Protocol (CHAP) are competing identify-verification
methods.
PAP sends a username and password over a network to a server
that compares the username and password to a table of authorized
users. If the username and password are matched in the table,
server access is authorized. WatchGuard products do not support
the PAP protocol because the username and password are sent as
clear text that a hacker can read.
CHAP uses secret information and mathematical algorithms to
send a derived numeric value for login. The login server knows the
secret information and performs the same mathematical
operations to derive a numeric value. If the results match, server
access is authorized. After login, one of the numbers in the
mathematical operation is changed to secure the connection. This
prevents any intruder from trying to copy a valid authentication
session and replaying it later to log in.